On Nov 14, 2012, Mark Boolootian wrote: > Hi Mike, > > > fwknop-2.0.3 has been released: > > Thanks very much for your good work on this code, and to the others who > contributed to its robustness. Also, the tutorial is much appreciated. It > is a fine piece of work.
Thanks for the kind words - glad you like the release and the tutorial. > I installed fwknop-2.0.3 on a FreeBSD 8.3 box and encountered a couple of > what I'm guessing are minor problems during testing. > > Running "./test-fwknop.pl --enable-recompile" produced the complaint: > > [*] ../lib/.libs directory does not exist. at ./test-fwknop.pl line 3249. > > It appears that simply creating that directory is all that is needed. Even when --enable-recompile is given, the test suite assumes that fwknop has already been compiled once. This will be fixed for 2.0.4. > The test suite produced failures in the "fortify source functions" and > "read-only relocations" tests, output of which is below. Any hints on what > caused this? > > > [build security] [client] fortify source functions..................fail (5) > [build security] [client] read-only relocations.....................fail (6) > [build security] [server] fortify source functions..................fail > (11) > [build security] [server] read-only relocations.....................fail > (12) > [build security] [libfko] fortify source functions..................fail > (16) > [build security] [libfko] read-only relocations.....................fail > (17) fwknop uses the "hardening-check" script developed for Debian to interpret the output of readelf to look for the hardening options. Because readelf output appears to be slightly different on FreeBSD and OpenBSD systems vs. Linux, it isn't able to correctly detect whether the binaries have been built with the hardening options. Even so, the binaries should have been compiled properly by autoconf to include them, so you can safely ignore these failures I would say. I need to update the hardening-check script to handle readelf output on non-Linux systems. Thanks, --Mike > [+] TEST: [build security] [client] fortify source functions > Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../client/.libs/fwknop > ../client/.libs/fwknop: > Position Independent Executable: yes > Stack protected: yes > Stack protected: yes > Fortify Source functions: no, not found! > Read-only relocations: no, not found! > Immediate binding: yes > [.] file_find_regex() Matched '(?^i:Fortify\sSource\sfunctions:\sno)' with > line: Fortify Source functions: no, not found! > > [+] TEST: [build security] [client] read-only relocations > Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../client/.libs/fwknop > ../client/.libs/fwknop: > Position Independent Executable: yes > Stack protected: yes > Stack protected: yes > Fortify Source functions: no, not found! > Read-only relocations: no, not found! > Immediate binding: yes > [.] file_find_regex() Matched '(?^i:Read.only\srelocations:\sno)' with > line: Read-only relocations: no, not found! > > [+] TEST: [build security] [server] fortify source functions > Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../server/.libs/fwknopd > ../server/.libs/fwknopd: > Position Independent Executable: yes > Stack protected: yes > Stack protected: yes > Fortify Source functions: no, not found! > Read-only relocations: no, not found! > Immediate binding: yes > [.] file_find_regex() Matched '(?^i:Fortify\sSource\sfunctions:\sno)' with > line: Fortify Source functions: no, not found! > > [+] TEST: [build security] [server] read-only relocations > Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../server/.libs/fwknopd > ../server/.libs/fwknopd: > Position Independent Executable: yes > Stack protected: yes > Stack protected: yes > Fortify Source functions: no, not found! > Read-only relocations: no, not found! > Immediate binding: yes > [.] file_find_regex() Matched '(?^i:Read.only\srelocations:\sno)' with > line: Read-only relocations: no, not found! > > [+] TEST: [build security] [libfko] fortify source functions > Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../lib/.libs/libfko.so > ../lib/.libs/libfko.so: > Position Independent Executable: no, regular shared library (ignored) > Stack protected: yes > Stack protected: yes > Fortify Source functions: no, not found! > Read-only relocations: no, not found! > Immediate binding: yes > [.] file_find_regex() Matched '(?^i:Fortify\sSource\sfunctions:\sno)' with > line: Fortify Source functions: no, not found! > > [+] TEST: [build security] [libfko] read-only relocations > Wed Nov 14 10:11:59 2012 CMD: ./hardening-check ../lib/.libs/libfko.so > ../lib/.libs/libfko.so: > Position Independent Executable: no, regular shared library (ignored) > Stack protected: yes > Stack protected: yes > Fortify Source functions: no, not found! > Read-only relocations: no, not found! > Immediate binding: yes > [.] file_find_regex() Matched '(?^i:Read.only\srelocations:\sno)' with > line: Read-only relocations: no, not found! > > best regards, > mark > ------------------------------------------------------------------------------ > Monitor your physical, virtual and cloud infrastructure from a single > web console. Get in-depth insight into apps, servers, databases, vmware, > SAP, cloud infrastructure, etc. Download 30-day Free Trial. > Pricing starts from $795 for 25 servers or applications! > http://p.sf.net/sfu/zoho_dev2dev_nov > _______________________________________________ > Fwknop-discuss mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fwknop-discuss ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
